ref: changePassword.jsp now uses ChangePasswordDTO

src/main/java/uma/taw/ubayspring/controller/AuthController.java

@@ -4,7 +4,10 @@
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
 import uma.taw.ubayspring.dto.auth.ChangePasswordDTO;
 import uma.taw.ubayspring.dto.auth.RegisterDTO;
 import uma.taw.ubayspring.dto.auth.ResetPasswordDTO;
@@ -32,9 +35,9 @@ public ChangePasswordDTO getChangePassword() {
     }
 
     @PostMapping("/changePassword")
-    public String postChangePassword(@RequestParam String oldPassword, @RequestParam String password, @RequestParam String repeatPassword) throws AuthenticationException {
+    public String postChangePassword(@ModelAttribute ChangePasswordDTO changePasswordDTO) throws AuthenticationException {
         var user = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal());
-        service.changePassword(user, oldPassword, password, repeatPassword);
+        service.changePassword(user, changePasswordDTO);
 
         return "redirect:/";
     }

src/main/java/uma/taw/ubayspring/service/AuthService.java

@@ -8,6 +8,7 @@
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
+import uma.taw.ubayspring.dto.auth.ChangePasswordDTO;
 import uma.taw.ubayspring.dto.auth.RegisterDTO;
 import uma.taw.ubayspring.dto.auth.ResetPasswordDTO;
 import uma.taw.ubayspring.entity.ClientEntity;
@@ -43,20 +44,22 @@ public class AuthService implements UserDetailsService {
     PasswordEncoder passwordEncoder;
 
     public void changePassword(@NonNull User user,
-                               @NonNull String oldPassword,
-                               @NonNull String newPassword,
-                               @NonNull String repeatPassword
+                               @NonNull ChangePasswordDTO changePasswordDTO
     ) throws AuthenticationException {
-        if (!repeatPassword.equals(newPassword))
+        String password = changePasswordDTO.getPassword();
+        String repeatPassword = changePasswordDTO.getRepeatPassword();
+        String oldPassword = changePasswordDTO.getOldPassword();
+
+        if (!repeatPassword.equals(password))
             throw new AuthenticationException("Passwords don't match");
-        if (!newPassword.matches(AuthKeys.PASSWORD_REGEX))
+        if (!password.matches(AuthKeys.PASSWORD_REGEX))
             throw new AuthenticationException("Invalid password format");
 
         LoginCredentialsEntity loginCredentials = getCredentialsEntity(user);
         String oldHash = loginCredentials.getPassword();
 
         if (passwordEncoder.matches(oldPassword, oldHash)) {
-            var newHash = passwordEncoder.encode(newPassword);
+            var newHash = passwordEncoder.encode(password);
             loginCredentials.setPassword(newHash);
 
             loginCredentialsRepository.save(loginCredentials);